Hi,
- to check your plugin configuration, assuming that the plugin is at a service level (could be route or global plugin). My service is named swapi-service.
http :8001/services/swapi-service/plugins?name=key-auth
{
"data": [
{
"config": {
"anonymous": null,
"hide_credentials": false,
"key_in_body": false,
"key_names": [
"X-API-KEY"
],
"run_on_preflight": true
},
"consumer": null,
"created_at": 1556192265,
"enabled": true,
"id": "b5efaaa5-170c-49ec-87de-e57fc1534b9c",
"name": "key-auth",
"protocols": [
"http",
"https"
],
"route": null,
"run_on": "first",
"service": {
"id": "39be8c9c-c289-4c6c-85c7-7a60357977ba"
},
"tags": null
}
],
"next": null
}
You can see that my plugin is configured to read the API Key in the X-API-KEY field
- To check the consumer configuration
My consumer is named Consumer1 (you can retrieve the consumers with http :8001/consumers )
http :8001/consumers/Consumer1/key-auth/
{
"data": [
{
"consumer": {
"id": "0c2b5ac9-7668-44cd-ab06-7caa1c511552"
},
"created_at": 1556193025,
"id": "d6a99977-a8dc-4c83-b121-03dce192c07a",
"key": "123-nexDigital-456"
}
],
"next": null
}
You can see that the key for Consumer1 is 123-nexDigital-456
Then to perform the call (the route is set up with /sw path)
http :8000/sw/films/1/ X-API-KEY:123-nexDigital-456
With a wrong key
http :8000/sw/films/1/ X-API-KEY:123
The response is
{
"message": "Invalid authentication credentials"
}
With a wrong header
http :8000/sw/films/1/ X-WRONG-HEADER:123-nexDigital-456
The response is
{
"message": "No API key found in request"
}
Hope it helps.
You can consult a repository around rate limiting which describes the configuration of the plugin and consumers : https://github.com/nexDigitalDev/kong-ratelimiting-demo